reflex-scripting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs HTTP/website data ingestion (e.g., "reflex rest get https://api.example.com/data" in the Direct Library Commands section) and continues browser-backed flows using validated selectors/URLs (see "Browser-Backed Script Rules" and "export data collected via browser to a file"), so it clearly consumes untrusted third-party web content that can influence scripting logic and subsequent actions.